【新唐人2014年05月28日訊】美國政府繼19號起訴中共軍隊5名黑客,盜取商業機密和經濟情報後,目前正考慮以拒絕簽證的方式,阻止中國的黑客參加今年8月舉行的兩個重量級黑客大會。
5月19號,美國司法部以「網路間諜罪」起訴了中共61398部隊5名黑客,控告他們在2006年到2014年間,入侵美國5家公司和一個工會的電腦系統,盜取商業機密和經濟情報。
這是美國政府第一次正式指控中共軍人從事網路間諜活動。
美國政府一位不具名的高級官員日前透露,美國政府正考慮限制給中國的黑客發放簽證,以阻止他們出席今年8月在拉斯維加斯舉行的「黑客大會」(Def Con)和「黑帽子大會」(Black Hat)。
英國《路透社》評論文章指出,阻止中國的黑客參加重量級國際黑客大會,是美國遏制中共網路間諜活動廣泛努力的一部分。
不過,這兩個國際黑客大會的組織者,質疑美國政府採取這項措施的有效性,因為大會的所有討論都會錄像,並在會後公開出售。
旅美中國問題評論人士李善鑒:「這個比較重要的意義是,其實美國在宣示、在強調說這個事情,不是我們提一下,不了了之就完了,這是美國要持續關注的一個問題。」
旅美中國社會問題研究人士張健:「美國政府如果對已知的黑客進行拒絕簽證,的確是可以有效的,但我並不認為美國政府可以全方位的、有效杜絕所有的黑客用各種渠道進入美國,因為這個是無法杜絕的,從技術上,各方面難度太大,因為美國政府所討論的黑客,也只是大量攻擊美國黑客的冰山之一角。」
美國《紐約時報》披露,除了遭到起訴的中共61398部隊外,美國國家安全局及情報合作夥伴,目前還在調查20多個中共黑客組織,這些組織大多為中共軍方單位,它們侵入了美國大量政府機構和公司。
報導說,被西方網路安全圈子稱為「上海組」或APT1的中共61398部隊,是中國最臭名昭著的從事黑客活動的組織。據美國「麥迪安網路安全公司」發佈的報告,61398部隊極可能盜取了美國150家公司機構的大量信息,並試圖操控美國的關鍵基礎設施。
研究人員喬•斯圖爾特透露,截至去年,在他追蹤的2萬5千個可疑網路域中,「上海組」和「北京組」的一個團隊佔據了很大一部分。他說,「北京組」使用一個專用的IP地址段,可以追溯到中國國有企業–中國聯通在北京的網路。
斯圖爾特表示,「上海組」和「北京組」都關注外國公司和政府機關,不過「北京組」也會關注「某些類型的活動人士」,包括藏人和維吾爾人流亡團體。
美國官員透露,位於中國廣州的一個私人組織,相信按照中共當局的命令行事。而這個私人組織與美國、英國和俄羅斯的一些防禦技術方面的承包商受到襲擊有關。襲擊目標包括導彈、衛星、空間技術及核動力推進技術等方面的開發商。而最近,這個組織還將攻擊範圍擴大到律師事務所。律師事務所為客戶保管有價值的知識產權,但往往不具備大企業的安全防禦能力。
張健:「在中共的授意下,這些黑客大量的盜取美國的營運、商業、高科技的信息,從個人來講,中共盜取大量的個人信息,對異議人士的打壓、維權人士的抓捕,以及對宗教信仰的長期迫害,也會導致這樣的問題。所以,美國各界對中共利用黑客的方式來獲取他人秘密,是非常擔憂的。」
美國《華爾街日報》援引美國官員的話說,如果中共當局不遏制黑客的網路間諜活動,美國政府將考慮採取一系列報復性措施,包括公布那些受到指控的中國黑客進行網路攻擊的額外證據,以及對被起訴人士有關聯的人員或機構,實施商業和金融制裁。
採訪/朱智善 編輯/陳潔 後製/李勇
U.S. Bans Chinese Hackers Attending Conference
Following the indictment of five Chinese military hackers
stealing trade secrets and financial intelligence, Washington is
considering using visa restrictions to prevent Chinese hackers
from attending two international hacker conferences this August.
On May 19, the U.S. Justice Department charged five hackers
from the Chinese military unit 61398 with hacking into five
U.S. companies and a union to steal trade secrets between
2006 and 2014.
This is the first official accusation of the Chinese military
engaging in cyber espionage from the U.S. government.
A senior administration official said Saturday, that Washington
is considering using visa restrictions to prevent Chinese
nationals from attending popular summer hacking conferences,
Def Con and Black Hat, in Las Vegas.
Reuters reported that preventing Chinese nationals from
attending popular summer hacking conferences is part of a
broader effort to curb Chinese cyber espionage.
However, organizers of the two conferences believe limiting
participation from China would have little impact, since
hacking talks from both conferences are videotaped and sold
on DVDs or posted on the web.
Li Shanjia, China issue commentator: “The significance of the
act is to emphasize that the U.S. will continue watching out
for the cyber espionage issue."
Zhang Jian, China social issue researcher: “It will be effective
for the U.S. government to refuse visas to known hackers.
However, it would be hard to conduct comprehensive and
effective measures to eliminate all hackers.
Technically, it will be very difficult.
The hackers the U.S. is tackling now are just the tip of the
iceberg."
New York Times revealed that as well as the indictment
that dealt almost exclusively with Unit 61398, there are also cases
against another roughly 20 Chinese hacking groups that attacked
government agencies and companies.
Some of these hacking groups are associated with the
Communist military.
It is reported that Chinese Army Unit 61398 is now the most
infamous of China’s suspected hacking groups, and the
Western cybersecurity industry variously calls it the
Shanghai Group and APT1.
According to a report by Mandiant, a cybersecurity company,
the 61398 has allegedly stolen massive information from
150 U.S. organizations and tried to manipulate critical
infrastructure in the U.S.
Joe Stewart, a cybersecurity expert, said that as of last year,
the Shanghai Group and the Beijing Group were using 25,000
suspicious online domains he had been tracking.
The Beijing Group, he said, used a dedicated block of I.P.
addresses that could be traced to the Chinese capital and to
the network of China Unicom, one of the three biggest
state-owned Internet telecommunications companies,
reported NY Times.
The targets pursued by the Shanghai Group and the Beijing
Group overlap — both go after foreign corporations and
government agencies, for example — but the Beijing unit also
takes aim at “activist types", Mr. Stewart said, including ethnic
Tibetan and Uighur exile groups.
NY Times reported that officials say one of these privately
contracted groups, based in Guangzhou, China, has been tied
to attacks against defense contractors — including missile,
satellite and space technologies and nuclear propulsion
technology developers — in the United States, Britain and
Russia.
More recently, two officials said that the group has expanded
its targets to include law firms, which hold valuable intellectual
property for their clients but often lack the security defenses of
a larger corporation.
Zhang Jian: “At the CCP’s behest, these hackers have stolen a
large amount of information from the U.S. operations,
commercial, and high-tech.
As for individuals, the CCP steal large amounts of personal
information to enable its suppression and arrest of dissidents,
activists, and people of religions.
That is the reason why the Chinese hackers and the
exploitation of the hackers by the CCP have become of
genuine concern to the U.S. and the general public."
WSJ reported that the Obama administration is considering a
raft of options to confront China more aggressively over
cyberspying, officials say.
Options include exposing evidence of cyberspying from
Chinese hackers, indictment of Chinese nationals and
organizations in U.S. courts and trade sanctions.
Interview/Zhu Zhishan Edit/Chen Jie Post-Production/Li Yong
